Snowden and his email provider, Lavabit

Oct 04, 2013 13:13

This is pretty funny, actually. Lavabit is a secure email provider: the only people with your crypto keys are you with your public and private keys and the recipient with their public and private keys. The way that this encryption works is that everyone gives their public key to anyone who wants it, but keeps their private key a closely-guarded secret. If I want to send you an email, I get your public key and encrypt the message with YOUR PUBLIC key and MY PRIVATE key. When you receive the email, you decrypt it with MY PUBLIC key and YOUR PRIVATE key. This is an automatic process controlled by the software, and it's almost impossible to crack. And don't ask me how it works, it has to do with generating huge prime numbers, but this is how it works in a nutshell. In fact, it is considered utterly secure and unbreakable: basically with sufficiently large keys, which are easy to generate, it would take computer power running until pretty much our sun goes nova to crack it. I never know your private key, the private key is never transmitted across the internet, so unless your machine is compromised with malware, you're pretty darn secure.

That's how Lavabit worked. Apparently the FBI was on to Snowden before he fled the country and they served Lavabit with a subpoena for all of their crypto keys so they could read this email. Lavabit had no choice but to comply, so they did. They provided the FBI with five SSL keys, each of which is 2,560 characters.

They printed them. In four-point type. Eleven pages of extremely small gibberish. And if you get one character wrong, the key is invalid and can't be used to decrypt messages.
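The two-key exchange described above, and the effect of a single mistyped key character, as an added example that is not part of the original post: the sender's private key produces a signature, the recipient's public key does the encryption, and the recipient reverses both. It assumes textbook RSA with no padding, hypothetical names (Alice, Bob, `send`, `receive`, `one_wrong_character`) and constructed demo keys built from publicly known Mersenne primes, so it illustrates the mechanics only and is not secure.

```python
import hashlib

E = 65537  # public exponent

def make_keypair(p, q):
    """Textbook RSA: return ((n, e), (n, d)) built from primes p and q."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def send(message, sender_private, recipient_public):
    """Sign with the sender's private key, encrypt with the recipient's public key."""
    (n_s, d_s), (n_r, e_r) = sender_private, recipient_public
    m = int.from_bytes(message, "big")
    if m >= n_r:
        raise ValueError("message too long for this toy key")
    return pow(m, e_r, n_r), pow(digest(message), d_s, n_s)

def receive(ciphertext, signature, recipient_private, sender_public):
    """Decrypt with the recipient's private key, verify with the sender's public key."""
    (n_r, d_r), (n_s, e_s) = recipient_private, sender_public
    m = pow(ciphertext, d_r, n_r)
    message = m.to_bytes((m.bit_length() + 7) // 8, "big")
    return message, pow(signature, e_s, n_s) == digest(message)

def one_wrong_character(private):
    """Simulate a retyping slip: change the last hex character of d."""
    n, d = private
    text = format(d, "x")
    return n, int(text[:-1] + ("0" if text[-1] != "0" else "1"), 16)

# Constructed demo keys from publicly known Mersenne primes: NOT secret, NOT secure.
ALICE_PUB, ALICE_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
BOB_PUB, BOB_PRIV = make_keypair(2**1279 - 1, 2**2203 - 1)

if __name__ == "__main__":
    ct, sig = send(b"meet at noon", ALICE_PRIV, BOB_PUB)
    print(receive(ct, sig, BOB_PRIV, ALICE_PUB))
    print(receive(ct, sig, one_wrong_character(BOB_PRIV), ALICE_PUB)[1])
```

With the correct key the recipient recovers the message and the signature verifies; with one character of the private key changed, decryption yields unrelated bytes and verification fails.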

The court was not amused and two months later demanded that he hand over the crypto keys in digital form. That was the day that Lavabit announced that it was shutting down, because once the keys were surrendered, the communications of their customers would no longer be secure.

I think what they did was absolutely brilliant. I'm also sure that the FBI will amend their information demands to state "...in DIGITAL form." The article has a sample page of what the keys that were given to the FBI look like.

http://www.npr.org/blogs/thetwo-way/2013/10/03/228878659/how-snowdens-email-provider-tried-to-foil-the-fbi-using-tiny-font?sc=17&f=1001

encryption, prism, email privacy
